2022-02-14 17:22:30 +01:00
|
|
|
package login
|
2021-06-10 14:18:07 +02:00
|
|
|
|
|
|
|
|
import (
|
|
|
|
|
"net/http"
|
|
|
|
|
|
2022-04-27 01:01:45 +02:00
|
|
|
"github.com/zitadel/zitadel/internal/domain"
|
2022-09-12 17:18:08 +01:00
|
|
|
caos_errs "github.com/zitadel/zitadel/internal/errors"
|
2021-06-10 14:18:07 +02:00
|
|
|
)
|
|
|
|
|
|
|
|
|
|
const (
|
|
|
|
|
tmplLoginSuccess = "login_success"
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
type loginSuccessData struct {
|
|
|
|
|
userData
|
|
|
|
|
RedirectURI string `schema:"redirect-uri"`
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func (l *Login) redirectToLoginSuccess(w http.ResponseWriter, r *http.Request, id string) {
|
|
|
|
|
http.Redirect(w, r, l.renderer.pathPrefix+EndpointLoginSuccess+"?authRequestID="+id, http.StatusFound)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func (l *Login) handleLoginSuccess(w http.ResponseWriter, r *http.Request) {
|
|
|
|
|
authRequest, _ := l.getAuthRequest(r)
|
2021-12-14 09:47:49 +01:00
|
|
|
if authRequest == nil {
|
|
|
|
|
l.renderSuccessAndCallback(w, r, nil, nil)
|
2022-01-12 15:31:11 +01:00
|
|
|
return
|
2021-12-14 09:47:49 +01:00
|
|
|
}
|
|
|
|
|
for _, step := range authRequest.PossibleSteps {
|
|
|
|
|
if step.Type() != domain.NextStepLoginSucceeded && step.Type() != domain.NextStepRedirectToCallback {
|
2021-06-10 14:18:07 +02:00
|
|
|
l.renderNextStep(w, r, authRequest)
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
l.renderSuccessAndCallback(w, r, authRequest, nil)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func (l *Login) renderSuccessAndCallback(w http.ResponseWriter, r *http.Request, authReq *domain.AuthRequest, err error) {
|
2021-06-18 10:31:53 +02:00
|
|
|
var errID, errMessage string
|
2021-06-10 14:18:07 +02:00
|
|
|
if err != nil {
|
2021-06-18 10:31:53 +02:00
|
|
|
errID, errMessage = l.getErrorMessage(r, err)
|
2021-06-10 14:18:07 +02:00
|
|
|
}
|
|
|
|
|
data := loginSuccessData{
|
2022-11-07 09:55:12 +01:00
|
|
|
userData: l.getUserData(r, authReq, "LoginSuccess.Title","", errID, errMessage),
|
2021-06-10 14:18:07 +02:00
|
|
|
}
|
|
|
|
|
if authReq != nil {
|
2022-09-12 17:18:08 +01:00
|
|
|
//the id will be set via the html (maybe change this with the login refactoring)
|
|
|
|
|
if _, ok := authReq.Request.(*domain.AuthRequestOIDC); ok {
|
|
|
|
|
data.RedirectURI = l.oidcAuthCallbackURL(r.Context(), "")
|
|
|
|
|
} else if _, ok := authReq.Request.(*domain.AuthRequestSAML); ok {
|
|
|
|
|
data.RedirectURI = l.samlAuthCallbackURL(r.Context(), "")
|
|
|
|
|
}
|
2021-06-10 14:18:07 +02:00
|
|
|
}
|
2022-04-25 11:16:36 +02:00
|
|
|
l.renderer.RenderTemplate(w, r, l.getTranslator(r.Context(), authReq), l.renderer.Templates[tmplLoginSuccess], data, nil)
|
2021-06-10 14:18:07 +02:00
|
|
|
}
|
2021-12-14 09:47:49 +01:00
|
|
|
|
|
|
|
|
func (l *Login) redirectToCallback(w http.ResponseWriter, r *http.Request, authReq *domain.AuthRequest) {
|
2022-09-12 17:18:08 +01:00
|
|
|
var callback string
|
|
|
|
|
switch authReq.Request.(type) {
|
|
|
|
|
case *domain.AuthRequestOIDC:
|
|
|
|
|
callback = l.oidcAuthCallbackURL(r.Context(), authReq.ID)
|
|
|
|
|
case *domain.AuthRequestSAML:
|
|
|
|
|
callback = l.samlAuthCallbackURL(r.Context(), authReq.ID)
|
|
|
|
|
default:
|
|
|
|
|
l.renderInternalError(w, r, authReq, caos_errs.ThrowInternal(nil, "LOGIN-rhjQF", "Errors.AuthRequest.RequestTypeNotSupported"))
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
http.Redirect(w, r, callback, http.StatusFound)
|
2021-12-14 09:47:49 +01:00
|
|
|
}
|
